isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
10,082 Commits 1 Branch 0 Tags
cd74b83c213b03028c7a5da79c1b315ab03aeec4
Commit Graph

858 Commits

Author SHA1 Message Date
Todd C. Miller
bb06233247 Fix a typo. 2018-02-22 13:17:37 -07:00
Todd C. Miller
ceea24b965 Initial support for parsing sudoers LDIF files in cvtsudoers. 
This makes it possible to convert from LDAP sudoers to a traditional
sudoers file.  Semantic differences between file sudoers and LDAP
sudoers mean that LDIF -> sudoers is not completely equivalent.
 2018-02-22 09:53:12 -07:00
Todd C. Miller
4f9296928c Add option to cvtsudoers to expand aliases in the output. 2018-02-19 15:32:56 -07:00
Todd C. Miller
525c6a3d94 Use /run in preference to /var/run if it exists. 
Bug #822
 2018-02-19 10:59:12 -07:00
Todd C. Miller
3354cbd021 Add sudoers output format to cvtsudoers. In the future this may 
be used with filters to emit a partial sudoers file instead of a
full one.
 2018-02-02 14:29:19 -07:00
Todd C. Miller
5de49b2d6b The max timeout for kernel time stamps is 60 minutes, not 3600 minutes. 2018-01-30 11:11:48 -07:00
Todd C. Miller
d2303d8b12 Sudo 1.8.23 2018-01-29 09:40:12 -07:00
Todd C. Miller
9d49c9193b Remove the C-style comment charactes from the getopt_long.c and 
inet_pton.c license text as it was inconsistent with the rest of
the file and messed up the html formatting.
 2018-01-29 09:31:54 -07:00
Todd C. Miller
831de0fc8b Add -b option to specify the base dn. 2018-01-28 19:58:10 -07:00
Todd C. Miller
b0abdd5a17 Document limitations of LDIF conversion. 2018-01-28 19:38:00 -07:00
Todd C. Miller
4acaa9c74a Switch the default output format to LDIF 2018-01-28 19:36:16 -07:00
Todd C. Miller
63321f19a9 Revert 04ec05108b2b, change the default input source back to stdin. 2018-01-28 16:11:02 -07:00
Todd C. Miller
681fb2e76e Add ldif backend to cvtsudoers, to replace sudoers2ldif 2018-01-27 20:08:02 -07:00
Todd C. Miller
c360ad4605 install the cvtsudoers manual 2018-01-26 13:19:03 -07:00
Todd C. Miller
98c19a68c9 Use the built-in sudoers file location as the default sudoers file 
for cvtsudoers and move parse_sudoers_options() to stubs.c since
it is shared between visudo.c and cvtsudoers.c.
 2018-01-26 13:15:10 -07:00
Todd C. Miller
80cb1b5da9 Move sudoers JSON conversion to cvtsudoers which will eventually 
output to other formats too.
 2018-01-26 11:20:37 -07:00
Todd C. Miller
eb8b5c7964 document that kernel tty timestamps don't support negative timeouts 2018-01-24 05:27:54 -07:00
Todd C. Miller
b3601253e6 Fall back to ppid time stamps if timestamp_type == kernel and no 
tty is present.  This is consistent with timestamp_type == tty.
 2018-01-23 11:18:18 -07:00
Todd C. Miller
70f406d67f Welcome to 2018 2018-01-04 21:35:17 -07:00
Todd C. Miller
83ad5d9dbc Remove extra $(srcdir)/sudoreplay.man.in target added by mistake. 2017-12-22 12:55:41 -07:00
Todd C. Miller
23ac62cfb5 Also honor SUDO_EDITOR in visudo. Previously is was only used 
by sudoedit.
 2017-12-22 10:22:33 -07:00
Todd C. Miller
740a479806 The session ID was added in 1.8.6p7 to prevent a user in another 
session from re-using the time stamp file.
Other minor cleanups.
 2017-12-21 14:37:13 -07:00
Todd C. Miller
feb48b8ebf Add "kernel" as a possible value of timestamp_type. 
Currently only supported on OpenBSD.
 2017-12-20 16:19:54 -07:00
Todd C. Miller
5f3797c754 Document the sudoers time stamp file format. 2017-12-20 13:01:06 -07:00
Todd C. Miller
1709dc7f77 In the timestamp record, include the start time of the terminal 
session leader for tty-based timestamps or the start time of the
parent process for ppid-based timestamps.  Idea from Duncan Overbruck.
 2017-12-16 05:53:05 -07:00
Todd C. Miller
bda2f4c441 Try to be clearer about sudo's exit value when the -l option is used. 2017-12-12 15:42:21 -07:00
Todd C. Miller
6ca8447e00 An empty RunAsUser means run as the invoking user, similar to how 
the sudoers files works.
 2017-12-12 14:20:56 -07:00
Todd C. Miller
f869086eff regen 2017-12-12 14:19:13 -07:00
Todd C. Miller
1350a30737 Add authfail_message sudoers option to allow the user to override 
the default message of %d incorrect password attempt(s).
 2017-12-11 12:43:58 -07:00
Todd C. Miller
e78283af99 Document that in check mode, visudo does not check the owner/mode 
on files specified with the -f flag.
 2017-12-06 10:17:33 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
276d83cc98 regen for sudo 1.8.22 2017-12-01 14:37:16 -07:00
Todd C. Miller
c2eee7904d Background processes started by the command will no longer receive 
SIGHUP.
 2017-12-01 13:53:09 -07:00
Todd C. Miller
9298a2a42e Better describe things when a command is run in a pty. 2017-11-21 16:59:54 -07:00
Todd C. Miller
4e8c037f22 Document bash shell alias issue with "sudo -i". 2017-10-22 06:54:41 -06:00
Todd C. Miller
c017741589 Minor corrections from Tae Wong 2017-10-14 16:24:10 -06:00
Todd C. Miller
cece54ae85 Add a warning that for "sudo -i command" and "sudo -s command" the 
shell is not run in interactive mode which may change its behavior.
 2017-10-12 10:07:46 -06:00
Todd C. Miller
1051cf1e6f env_keep and env_check are also taken into account with "sudo -i". 
Bug #806
 2017-09-26 13:08:57 -06:00
Todd C. Miller
dcb887807e Add missing translators from recent updates and one name change. 2017-09-14 11:05:41 -06:00
Todd C. Miller
7e78fbccfd More accurately describe the use_pty option now that its behavior 
has changed with respect to interposition with a pipe.
Also describe some caveats with log_input.
 2017-09-07 14:59:37 -06:00
Todd C. Miller
b4f4bb3345 Document changes in use_pty behavior when no terminal is present. 2017-09-07 14:58:34 -06:00
Todd C. Miller
447c2c7e8c regen 2017-09-01 06:01:08 -06:00
Todd C. Miller
7652dad0d6 Fix typo (Auguest vs. August). From David Pocock. 2017-09-01 06:00:48 -06:00
Todd C. Miller
a01bbfacf4 Add Friulian translation for sudo from Fabio Tomat via translationproject.org 2017-08-10 10:14:57 -06:00
Todd C. Miller
54860cf7f5 In the Runas example that uses "boulder" make it clear that "boulder" 
is a host name.
 2017-08-04 14:55:03 -06:00
Todd C. Miller
c18dde2350 Allow the user to specify a list of environment variables to preserve. 
This adds an option paramter to the --preserve-env option, a
comma-separated list of variable names.
 2017-08-03 07:32:24 -06:00
Todd C. Miller
63d954d1fc Replace tty_tickets option with timestamp_type which can be 
global, ppid or tty.  Defaults to tty (no change in behavior).
Some users want the ppid behavior.
 2017-08-01 16:14:54 -06:00
Todd C. Miller
9ea9ecb183 start new sentences on a new line 2017-07-21 11:20:04 -06:00
Todd C. Miller
d76d5eaebc Clarify how the variable prompt options interact with each other 
and PAM.
 2017-07-21 11:18:13 -06:00
Todd C. Miller
d129f306ea Add syslog_pid sudoers option to log sudo's process ID when logging 
via syslog.  This is disabled by default to match historic behavior.
 2017-07-20 16:33:12 -06:00